FreeBSD Security Advisory - FreeBSD-SA-25:06.xz

FreeBSD Security Advisory - A worker thread could free its input buffer after decoding, while the main thread might still be writing to it. This leads to an use-after-free condition on heap memory...

PT-2025-28013 · Mbed Tls · Mbed Tls

Name of the Vulnerable Software and Affected Versions: MbedTLS versions 3.3.0 through 3.6.3 Description: The issue arises from the function mbedtls lms import public key not checking if the input buffer is at least 4 bytes before reading a 32-bit field. This allows for a possible out-of-bounds re...

PT-2025-33595

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue in the hwmon component, specifically within the corsair-cpro driver. The vulnerability involves insufficient validation of the size of received input...

CVE-2021-1910

Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2020-1832

E6878-370 products with versions of 10.0.3.1H557SP27C233 and 10.0.3.1H563SP1C00 have a stack buffer overflow vulnerability. The program copies an input buffer to an output buffer without verification. An attacker in the adjacent network could send a crafted message, successful exploit could lead ...

CVE-2019-5690

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape in which the size of an input buffer is not validated, which may lead to denial of service or escalation of privileges...

CVE-2019-2244

Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,...

kernel: smb: client: fix OOBs when building SMB2_IOCTL request

A flaw was found in the cifs module in the Linux kernel. When building SMB2IOCTL requests using encryption, either enforced by the server or using the 'seal' mount option, an out-of-bounds write can be triggered when the user passes an input buffer greater than 328 bytes, resulting in memory...

PT-2025-9249

Name of the Vulnerable Software and Affected Versions Paragon Partition Manager version 7.9.1 Description The issue is caused by a null pointer dereference vulnerability within biontdrv.sys, resulting from a lack of a valid MasterLrp structure in the input buffer. This allows an attacker to execu...

CVE-2024-21480

Memory corruption while playing audio file having large-sized input buffer...

Suricata < 7.0.8 Multiple Vulnerabilities

The version of OISF Suricata installed on the remote host is prior to 6.0.19 or 7.x prior to 7.0.5. It is, therefore, affected by multiple vulnerabilities: - A large input buffer to one of the following transforms can lead to a stack overflow causing Suricata to crash in the following transforms:...

CVE-2024-55605 Suricata allows stack overflow in transforms

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large input buffer to the tolowercase, touppercase, stripwhitespace, compresswhitespace, dotprefix, headerlowercase, strippseudoheaders, urldecode, or xor...

webp crate may expose memory contents when encoding an image

Affected versions of this crate did not check that the input slice passed to "webp::Encoder::encode is large enough for the specified image dimensions. If the input slice is too short, the library will read out of bounds of the buffer and encode other memory contents as an image, resulting in...

RUSTSEC-2024-0443 webp crate may expose memory contents when encoding an image

Affected versions of this crate did not check that the input slice passed to "webp::Encoder::encode is large enough for the specified image dimensions. If the input slice is too short, the library will read out of bounds of the buffer and encode other memory contents as an image, resulting in...

CVE-2024-45008

CVE-2024-45008 affects the Linux kernel input subsystem. The vulnerability arises when input_mt_init_slots() allocates slots based on user-supplied num_slots via UI_DEV_CREATE, risking oversized allocations. A patch caps the maximum slots at 1024, mitigating memory exhaustion. Connected advisorie...

DEBIAN-CVE-2024-5991

In function MatchDomainName, input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509checkhost takes in a pointer and length to check against, with no requirements that it be NULL terminated. If a caller was attempting to do...

AMD μProf 安全漏洞

AMD μProf is a software analysis tool from Ultra Micro Semiconductor AMD. A security vulnerability exists in AMD μProf that stems from insufficient validation of the input buffer, which could allow an authenticated attacker to perform out-of-bounds writes, which could result in a crash of the...

Debian dla-3819 : fossil - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3819 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3819-1 [email protected] https://www.debian.org/lts/security/...

QNAP Systems QTS和QuTS hero 安全漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are both products of China Weilian Technology QNAP Systems, Inc.QNAP Systems QTS is an operating system used by entry to mid-level QNAP NAS.QNAP Systems QuTS hero is an operating system. A security vulnerability exists in QTS and QuTS Hero that stems fr...

CVE-2024-21480

Memory corruption while playing audio file having large-sized input buffer...